domain mapping, multi-domains and ssl

I need to install an ssl certificate on a mapped domain in my multi-site network.

There seems to be several posts about this, most seem kind of old, so I am just wondering what sort of certificate I should purchase - the mapped domain, or a wildcard subdomain ssl so that they area all covered somehow?

Advice appreciated!
Sam

  • Samantha McLean
    • Design Lord, Child of Thor

    OK so lots of reading here and still no clear answer for me so I'm wondering @PC If you could answer this question directly:

    Main Multi-site Domain: sold-digital.com.au

    Subdomain where eCommerce is required: training.sold-digital.com.au

    This is mapped to sold-training.com.au using domain mapping plugin.

    Am I able to install ssl on sold-training.com.au?

    Cheers, Sam

  • PC
    • WPMU DEV Initiate

    Hey there Sam,

    Thanks for posting back.

    Am I able to install ssl on sold-training.com.au?

    As Aaron mentioned there : Domain mapping and SSL are generally incompatible. If all your domains will be mapped, then you could probably use a UCC certificate. They are expensive though and have a limit of 100 domains.

    Cheapest wildcard or SAN certificates I've seen are here: https://www.startssl.com

    Its not easy to map the SSL on a mapped domain. On the other hand if you need the SSL on the unmapped domain, i.e. training.sold-digital.com.au then its possible with ease.

    Let me see if our second level support have got anything else to add to this. They should be around soon.

    Cheers, PC

  • Hoang Ngo
    • Code Slayer

    Hi @Samantha McLean,

    I hope you are well today and I'm very sorry about the delay.

    About your question, yes, you can install ssl on sold-training.com.au. But this will have some requirements.

    1. Your Apache Web Server must install with version 2.2.12+, we will need the TLS Extension Server Name Indication (SNI)

    2. Browsers support :
    Desktop Browsers
    Internet Explorer 7 and later
    Firefox 2
    Opera 8 with TLS 1.1 enabled
    Google Chrome:
    Supported on Windows XP on Chrome 6 and later
    Supported on Vista and later by default
    OS X 10.5.7 in Chrome Version 5.0.342.0 and later
    Safari 2.1 and later (requires OS X 10.5.6 and later or Windows Vista and later).
    Note: No versions of Internet Explorer on Windows XP support SNI
    Mobile Browsers
    Mobile Safari for iOS 4.0
    Android 3.0 (Honeycomb) and later
    Windows Phone 7

    And the certification need to be installed on the server which your domain is point to.

    Best Regards,
    Hoang

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.